<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-9">
<title>Edit staff details</title>
<SCRIPT TYPE="text/javascript" src= "../../commonutils/util/util.js"> </SCRIPT>
</head>
<style type="text/css">
th {text-align: right}
</style>
<body>
<?php include 'top.html' ?>
<?php include '../../authorization_check.php'; ?>
<?php include '../../checkRootOnly.php'; ?>

<?php
	session_start();
?>

<?php
require_once '../../commonutils/db/DBConnectionManager.php';

$ss = "select * from user";
$rr = DBConnectionManager::query($ss);
if(mysql_num_rows($rr) != 0)
{
	echo "<div>";
	echo "<center>";
	echo "<p>Select&nbsp;the&nbsp;user&nbsp;</p>";
	echo "<form method=\"POST\" action=\"UpdateUser.php\">";
	echo "<select name=\"selectUser\">";
	while($rrr = mysql_fetch_assoc($rr))
	{
		echo "<option value=\"".$rrr['userName']."\">".$rrr['userName']."</option>";
	}
	echo "</select>";
	echo "<input type=\"submit\" value=\"Select\" name=\"btnUpdate\">&nbsp;&nbsp;";
	echo "</form>";
	echo "</center>";
	echo "</div>";
	
}
else
{
	echo "<center><h4>No user found in database!!!</h4></center>";
}

if (isset($_POST['btnUpdate']))
{
	$s = "select * from user where userName='".$_POST['selectUser']."'";
	//echo $s."<br>";
	$res = DBConnectionManager::query($s);
	if (mysql_num_rows($res) == 1)
	{
		$rws = mysql_fetch_assoc($res);
		$username = $rws['userName'];
		$userType = $rws['userType'];
		$programCode = $rws['programCode'];
		$firstname = $rws['firstName'];
		$lastname = $rws['lastName'];
		
		echo "<center>";
		echo "<form method=\"POST\" action=\"UpdateUser.php\">";
		echo "<table border=\"1\" width=\"56%\" id=\"table1\">";
		echo "<tr>";
		echo "<td colspan=\"2\" height=\"20\"><center>";
		echo "<h1>Update User</h1>";
		echo "</center></td>";
		echo "</tr>";
		echo "<tr>";
		echo "<td width=\"112\">User Name</td>";
		echo "<td width=\"162\"><input type=\"hidden\" name=\"txtUsername\" value=\"".$username."\">".$username."</td>";
		echo "</tr>";
		echo "<tr>";
		echo "<td width=\"112\">User Type</td>";
		echo "<td width=\"162\">";
		echo "<select size=\"1\" name=\"txtUserType\">";
		echo "<option value=\"1\">Program Coordinator</option>";
		echo "<option value=\"2\">Vice Program Coordinator</option>";
		echo "<option value=\"3\">Secretary</option>";
		echo "<option value=\"4\">Student</option>";
		echo "</select>";
		echo "</td>";
		echo "</tr>";
		echo "<tr>";
		echo "<td width=\"112\">First Name</td>";
		echo "<td width=\"162\"><input type=\"text\" name=\"txtFirstname\" size=\"40\" value=\"".$firstname."\"</td>";
		echo "</tr>";
		echo "<tr>";
		echo "<td width=\"112\">Last Name</td>";
		echo "<td width=\"162\"><input type=\"text\" name=\"txtLastname\" size=\"40\" value=\"".$lastname."\"></td>";
		echo "</tr>";
		echo "<tr>";
		echo "<td width=\"112\">Program Code</td>";
		echo "<td width=\"162\">";
		echo "<select size=\"1\" name=\"txtProgramCode\">";
		echo "<option>IS</option>";
		echo "<option>COGS</option>";
		echo "<option>MS</option>";
		echo "<option>ION</option>";
		echo "<option>SM</option>";
		echo "<option>MI</option>";
		echo "<option>WBLS</option>";
		echo "</select>";
		echo "</td>";
		echo "</tr>";
		echo "</table>";
		echo "<input type=\"submit\" value=\"Update\" name=\"btnSubmit\">&nbsp;&nbsp;";
		echo "<input type=\"reset\" value=\"Clear\" name=\"btnReset\">&nbsp;";
		echo "<input type=\"reset\" value=\"Cancel\" name=\"btnCancel\">";
		echo "</form>";
		echo "</center>";
		
	}
	else
	{
		echo "<center><h4>Sorry no such user</h4></center>";
	}
	
}
if (isset($_POST['btnSubmit']))
{
	$username = $_POST['txtUsername'];
	$userType = $_POST['txtUserType'];
	if($userT == "1") 
	{
		$userType=1;
	}
	else if($userT == "2")
	{
		$userType=2;
	}
	else if($userT == "3") 
	{
		$userType=3;
	}
	else if($userT == "4") 
	{
		$userType=4;
	}
	$firstname = $_POST['txtFirstname'];
	$lastname = $_POST['txtLastname'];
	$programC = $_POST['txtProgramCode'];
	if ($programC == "IS")
	{
		$programCode=9010;
	}
	else if ($programC == "COGS")
	{
		$programCode=9020;
	}
	else if ($programC == "MS") 
	{
		$programCode=9030;
	}
	else if ($programC == "ION") 
	{
		$programCode=9040;
	}
	else if ($programC == "SM") 
	{
		$programCode=9050;
	}
	else if ($programC == "MI") 
	{
		$programCode=9060;
	}
	else if ($programC == "WBLS") 
	{
		$programCode=9070;
	}
	
	
	$sql = "select * from user where userName='".$username."'";
	//echo $sql."<br>";
	
	$r = DBConnectionManager::query($sql);
	if(mysql_num_rows($r) == 1)
	{
		$sqlquery = "update user".
						 " set userType=".$userType.", programCode=".$programCode.", firstName='".$firstname."', lastName='".$lastname."' where userName='".$username."'";
		//echo $sqlquery;
		$result = DBConnectionManager::query($sqlquery);
		echo "<center><h4>User information has been successfully updated</h4></center>";		
	}
	else
	{
		echo "<center><h4>Sorry, user name entered exists in the system</h4></center>";
	}
}
?>


<br>
<hr color="blue">
<p>
  <a href="../../SecurityIndex.php">Back</a>
</p>


</body>
</html>